Virus and Spyware Removal Guides, uninstall instructions
What is VIVELAG?
Discovered by dnwls0719, VIVELAG is a malicious program belonging to the Sapphire ransomware family. It is designed to encrypt data and demand payment for decryption. During the encryption process, all affected files are appended with the ".VIVELAG" extension.
For example, a file named "1.jpg" would appear as "1.jpg.VIVELAG" following encryption. After this process is complete, a pop-up window is displayed containing a ransom message in French. In fact, VIVELAG ransomware is decryptable - the decryption key is "052250058205075025075207820" (without the quotation marks).
Should this malware be updated, however, this key may no longer be able to recover the compromised files.
What kind of scam is "Transaction received into blockchain wallet"?
"Transaction received into blockchain wallet" is a scam email. These messages are disguised as mail from Blockchain, a Bitcoin cryptocurrency block explorer and cryptowallet service that supports the Bitcoin, Bitcoin Cash, and Ethereum cryptocurrencies. The emails are presented as notifications about a "recent transaction".
The purpose of the "Transaction received into blockchain wallet" messages is to trick people into visiting cryptocurrency-related phishing websites, which in turn are designed to obtain information relating to users' cryptowallets and steal the wallets.
What is Dupzom?
Dupzom is a Trojan which operates as a malware downloader. It causes chain infections by downloading and executing malicious files that infect computers with additional malware. Dupzom can cause installation of ransomware, remote administration/access Trojans (RATs), cryptocurrency miners, and other high-risk malware.
Therefore, if there is any reason to believe that your computer is infected with Dupzom or other similar malware, remove these threats immediately.
What is "UBS INVESTMENT Email Scam"?
Scammers behind this email scam attempt to trick recipients into providing certain information by disguising the message as a business proposal and offering a share of the profits. Do not trust this scam or send any of the requested information to the criminals responsible.
What is guesstimateds[.]com?
guesstimateds[.]com is a rogue website running various scams. The researched variant claims that, by completing a short survey, users can win a prize. These schemes are typically designed for phishing purposes. That is, by offering fake prizes, they attempt to obtain personal information and/or otherwise abuse people's trust.
Few visitors to guesstimateds[.]com access it intentionally - most are redirected to the site by intrusive ads or Potentially Unwanted Applications (PUAs).
These apps do not need express permission to be installed onto devices. Following successful infiltration, however, they cause redirects, run intrusive advertisement campaigns, hijack browsers and track browsing-related data.
What is MajorPanelSearch?
MajorPanelSearch is designed to display advertisements and promote the address of a fake search engine by changing browser settings. This app has traits of adware and browser hijackers. It might also be designed to collect data relating to users' browsing habits.
In most cases, people download and install these apps unintentionally and, therefore, MajorPanelSearch (and other apps of this type) are categorized as potentially unwanted applications (PUAs). Research shows that MajorPanelSearch is distributed through a deceptive Adobe Flash Player installer.
What is searchred01.xyz?
searchred01.xyz is promoted through a potentially unwanted application (PUA), a browser hijacker called Suxs APP. This address might also be promoted by other apps of this type. Typically, browser hijackers promote fake search engines by changing certain browser settings.
Most gather browsing-related information as well. Browser hijackers are categorized as PUAs, since users often download and install them inadvertently.
What is Space ransomware?
Space is part of the Dharma ransomware family. It encrypts files, renames them, displays a ransom message in a pop-up window, and creates another in a text file named "FILES ENCRYPTED.txt". Space renames files by adding the victim's ID and the Mail@qbmail.biz email address, and appending the ".space" extension to filenames.
For example, it changes "1.jpg" to "1.jpg.id-1E857D00.[Mail@qbmail.biz].space", "2.jpg" to "2.jpg.id-1E857D00.[Mail@qbmail.biz].space", etc. This ransomware was discovered by Jakub Kroustek.
What is !Shadow?
!Shadow is malicious software categorized as ransomware. It operates by encrypting the data of infected systems and presenting victims with ransom demands for decryption tools.
During the encryption process, all affected files are renamed according to this pattern: "{ShadowofDeath@elude.in}.ID=[victim's_ID].[original_filename].!Shadow". For example, a file named "1.jpg" would appear as something similar to "{ShadowofDeath@elude.in}.ID=1E857D00.1.jpeg.!Shadow" following encryption.
Once this process is finished, a ransom-demand message is presented in a pop-up window ("!ENCRYPTED-README.hta" HTML application, which is created in all compromised folders).
What is AdditionalChannelSearch?
The main purpose of AdditionalChannelSearch is to serve advertisements. However, it also promotes the address of a fake search engine by modifying browser settings. In summary, AdditionalChannelSearch has characteristics of adware and browser hijackers.
Users often download and install apps of this type unintentionally and, therefore, they are categorized as potentially unwanted applications (PUAs).
Note that PUAs often collect information relating to users' browsing habits. Research shows that AdditionalChannelSearch is distributed through a deceptive Adobe Flash Player installer - these installers are commonly used to distribute not only PUAs, but also malicious programs such as ransomware, Trojans and other malware.